Steps to Avoid a Compromised Account
Passwords, Passwords, Passwords
It's the name of the game. The vast majority of hacked accounts can be prevented by using a unique secure password.
Source: XKCD Webcomic
Do Not Use Third-Party Apps
By allowing a third-party app to access your account, you are introducing an attack vector. If the third-party app is compromised, a hacker could gain access to your account.
Be Alert for Phishing Scams
Be absolutely sure you are entering your credentials on Facebook.com or Twitter.com. Phishing scams will send you to similarly named sites like twitter.x.com.
Here's a blog article on recent phishing scams at Twitter: Avoid 'Phishing' Scams.
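The host-name check described above, as an added example that is not part of the original page: it accepts a link only when its host is facebook.com, twitter.com or a subdomain of one, and rejects lookalikes such as twitter.x.com. The allow-list, the function names and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Sites named on this page; treating them as an allow-list is this example's assumption.
TRUSTED_DOMAINS = {"facebook.com", "twitter.com"}


def login_host(url):
    """Return the host a browser would connect to, or None if the URL is unusable."""
    # Browsers read "\" as "/" but urlsplit does not, so the two can disagree on the host.
    if "\\" in url:
        return None
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
    except ValueError:
        return None
    if parts.scheme != "https" or not host:
        return None
    # .hostname is lowercased and excludes any "user@" prefix and ":port" suffix.
    return host.rstrip(".")


def is_trusted_login_url(url):
    """True only if the host is a trusted domain or a subdomain of one."""
    host = login_host(url)
    if host is None:
        return False
    # Non-ASCII and punycode ("xn--") labels can imitate Latin letters; reject them.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


# Constructed sample links for illustration.
SAMPLES = [
    "https://twitter.com/login",
    "https://www.facebook.com/login.php",
    "https://twitter.x.com/login",            # lookalike named in the text above
    "https://twitter.com.signin.example/",    # trusted name used as a prefix
    "https://twitter.com@signin.example/",    # trusted name in the userinfo part
    "https://nottwitter.com/",                # ends with the name, no dot boundary
    "https://signin.example\\@twitter.com/",  # backslash parser disagreement
    "http://twitter.com/login",               # not HTTPS
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "trusted" if is_trusted_login_url(link) else "DO NOT ENTER CREDENTIALS"
        print(f"{verdict:26} {link}")
```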
Strengthen Your Accounts
- On your About page --> set the birthday and email settings to "Only Me"
- Account Security Settings --> Enable Login Notification so that when someone tries to log in with your username, you receive a notification on your cell phone or by email and can preemptively change your password, since malicious activity may be occurring.
- Account Security Settings --> Require a Login Approval. A security code can be required when logging in from an unknown browser.
- Account Security Settings --> Enable Secure Browsing
- Account Security Settings --> Add some Trusted Contacts (This will help you reset a password later.)
- Mobile Settings --> Add a phone number to help with password resets.
- Require personal information to reset my password in your account settings
- Always check that you're at twitter.com before logging in
- Twitter will never ask you to provide your password via email, direct message, or @reply.
Your Account has been Hacked, What Now?
- Try resetting your password
- Attempt the reset process through your registered email or registered mobile phone number, or use a trusted contact to help.
- Report compromised accounts
- If you are back in, review the Account Settings > Apps page to make sure no unknown applications have been added.
- If you can't get back in, file a report with Facebook
- Change your password
- Revoke connections to third-party applications
- Update your password in your trusted third-party applications to avoid being locked out due to a high number of failed login attempts.
If You're Unable to Reset Your Password
Appendix
Recommendations on setting a password
- EITS Policy Page
- Google Help Page
- Dashlane can be a great help for managing passwords
- Google Authenticator